8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
spring-security-core is vulnerable to remote code execution (RCE). Spring Security uses jackson-databind with global default typing
enabled which allows the deserialization of unknown gadgets which allows remote code execution if one of the following scenarios is true: 1) The SecurityJackson2Modules.getModules(ClassLoader)
or SecurityJackson2Modules.enableDefaultTyping(ObjectMapper)
methods are used to invoke Spring Security’s Jackson support. 2) An unknown deserialization gadget
that allows code execution is present on the classpath.
CPE | Name | Operator | Version |
---|---|---|---|
spring-security-core | le | 4.2.2-RELEASE | |
spring-security-core | le | 4.2.2-RELEASE |
frohoff.github.io/appseccali-marshalling-pickles/
frohoff.github.io/owaspsd-deserialize-my-shorts/
www.securityfocus.com/bid/99080
github.com/spring-projects/spring-security/issues/4370
lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E
lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E
lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E
pivotal.io/security/cve-2017-4995
www.sourceclear.com/registry/security/remote-code-execution-rce-through-deserialization/java/sid-3929
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P